Docs
Workspace governance
Company members, roles, groups, reviews and skill access control.
Each customer uses one company Workspace. Codenskills provisions it and invites the first Owner; authentication by itself never creates a personal or free Workspace. Skills, Drafts, sources, collections and approved releases stored in Codenskills belong to that company Workspace.
Members and roles
Owners and admins invite named members by email. Each member has a normal role:
| Role | What it adds |
|---|---|
| Member | Uses granted skills, manages their own Drafts and handles reviews assigned to them. |
| Admin | Manages members, groups, reviews, access, activity and Workspace content. |
| Owner | Everything above, plus ownership-level Workspace and commercial controls. |
Invitations are accepted when the invitee signs in with the invited, verified email. Licensed capacity and invitation expiry are controlled by the applicable company agreement. See Access & commercial terms.
Groups and access
Groups organize members for access control. Owners and admins can grant a skill to an individual user, a group or the whole Workspace. Discovery and access are separate: a skill can be requestable without already being installable.
Company SSO can map identity-provider groups into Codenskills. Those groups are managed externally and refreshed at sign-in; see Enterprise SSO.
Reviewer assignments
Owners and admins assign reviewers to the whole Workspace, a collection or a single skill. Reviewer scope allows decisions on matching submissions but does not grant administration or content-management rights.
Every member can author and submit their own Drafts. Owners and admins manage other members' content, sources, manual collections and destructive actions.
Security criteria and release
Owners and admins can add Workspace-specific scan requirements from Settings → Security. Rules can add a watch finding or block review, but they can never weaken the built-in result. Every save creates an immutable policy revision.
A Ready release requires the trusted scan of the exact package plus an authorized human approval. Connected clients receive only the Ready version allowed by the user's effective grants, apart from the explicit author-only Unreviewed Draft test path.
Activity
Owners and admins can inspect and export the Workspace activity history for skills, reviews, access, credentials and member administration. Members do not receive organization-wide audit or commercial visibility simply because they can use a skill.